CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-31409

Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result in an attacker obtaining data from throughout the system after gaining access to any device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.7%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01
https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads
https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01
https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads

Products affected by CVE-2024-31409

Cyberpower » Powerpanel » Version: N/A

cpe:2.3:a:cyberpower:powerpanel:-
Cyberpower » Powerpanel » Version: 4.8.6

cpe:2.3:a:cyberpower:powerpanel:4.8.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-31409

Products

Pricing

Contact Us